id summary reporter owner description type status priority milestone component version resolution keywords cc uname nginx_version 2537 "Host not found in resolver ""kube-dns.kube-system.svc.cluster.local"". Apparently 'resolver' does not work with long DNS names" yersan@… "Hi, I have the following simple configuration: {{{ / # cat /etc/nginx/conf.d/nginx.conf server { listen 8080; server_name $hostname; location / { root /usr/share/nginx/html; index index.html; try_files $uri $uri/ /index.html; } location /api/ { error_log /var/log/nginx/api-error.log debug; resolver kube-dns.kube-system.svc.cluster.local valid=10s; set $target todo-list-backend-svc.default.svc.cluster.local; proxy_pass http://$target; } }}} Which gives me the following error: {{{ / # nginx -s reload 2023/08/26 11:16:25 [emerg] 60#60: host not found in resolver ""kube-dns.kube-system.svc.cluster.local"" in /etc/nginx/conf.d/nginx.conf:11 nginx: [emerg] host not found in resolver ""kube-dns.kube-system.svc.cluster.local"" in /etc/nginx/conf.d/nginx.conf:11 }}} I've checked that ""kube-dns.kube-system.svc.cluster.local"" can be resolved locally: {{{ / # nslookup kube-dns.kube-system.svc.cluster.local Server: 10.96.0.10 Address: 10.96.0.10:53 Name: kube-dns.kube-system.svc.cluster.local Address: 10.96.0.10 }}} This is my /etc/resolv.conf: {{{ / # cat /etc/resolv.conf nameserver 10.96.0.10 search default.svc.cluster.local svc.cluster.local cluster.local localdomain options ndots:5 }}} When I remove the ""svc.cluster.local"" from the DNS name, nginx is reloaded without any issue: {{{ / # cat /etc/nginx/conf.d/nginx.conf server { listen 8080; server_name $hostname; location / { root /usr/share/nginx/html; index index.html; try_files $uri $uri/ /index.html; } location /api/ { error_log /var/log/nginx/api-error.log debug; resolver kube-dns.kube-system valid=30s; set $target todo-list-backend-svc.default.svc.cluster.local; proxy_pass http://$target; } / # nginx -s reload 2023/08/26 11:20:03 [notice] 67#67: signal process started / # }}} So, what is going wrong here? It looks like resolver is unable to deal with long DNS names. " defect closed major nginx-module 1.25.x invalid ngx_http_core_module Linux todo-list-front-5b4c5887fd-tc2b4 5.14.0-162.22.2.el9_1.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Mar 15 14:44:24 EDT 2023 x86_64 Linux "nginx version: nginx/1.24.0 built by gcc 12.2.1 20220924 (Alpine 12.2.1_git20220924-r4) built with OpenSSL 3.0.7 1 Nov 2022 (running with OpenSSL 3.0.10 1 Aug 2023) TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --with-perl_modules_path=/usr/lib/perl5/vendor_perl --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-Os -fomit-frame-pointer -g' --with-ld-opt=-Wl,--as-needed,-O1,--sort-common"